The RdsLogsEntry servlet in SysAid Help Desk prior to 15.2 does not properly check file extensions, which allows remote malicious users to upload and execute arbitrary files via a NULL byte after the extension, as demonstrated by a .war%00 file.
Vulnerable Product |
---|
sysaid sysaid |